package com.frost.captcha;

import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpSession;
import java.util.Date;

@RequestMapping("/admin")
@RestController
public class KaptchaController {
    private static final String KAPTCHA_SESSION_KEY = "KAPTCHA_SESSION_KEY";
    private static final String KAPTCHA_SESSION_DATE = "KAPTCHA_SESSION_DATE";
    private static final long TIME_OUT = 60*1000; // 一分钟
    /**
     * 校验验证码是否正确
     * @param inputCaptcha
     * @return
     */
    @RequestMapping("/check")
    public boolean check(String inputCaptcha, HttpSession session) {
        // 1. 判断输入验证码是否为空
        // 2. 获取生产的验证码
        // 3. 比对生成的验证码和输入的是否一致
        // 4. 确认验证码是否过期
        if (!StringUtils.hasLength(inputCaptcha)) {
            return false;
        }
        String saveCaptcha = (String) session.getAttribute(KAPTCHA_SESSION_KEY);
        Date saveCaptchaDate = (Date) session.getAttribute(KAPTCHA_SESSION_DATE);
        if (inputCaptcha.equalsIgnoreCase(saveCaptcha)) {
            if (saveCaptchaDate != null || System.currentTimeMillis()-saveCaptchaDate.getTime() < TIME_OUT) {
                return true;
            }
        }
        return false;
    }
}
